-
Notifications
You must be signed in to change notification settings - Fork 163
Get JCEventCount
Query the API for a count of matching events
Get-JCEventCount -Service <String[]> -StartTime <DateTime> [-EndTime <DateTime>] [-Fields <String[]>]
[-Q <String>] [-SearchAfter <String[]>] [-SearchTermAnd <Hashtable>] [-SearchTermNot <Hashtable>]
[-SearchTermOr <Hashtable>] [-Sort <String>] [-WhatIf] [-Confirm]
[<CommonParameters>]
Get-JCEventCount -Body <IEventQuery> [-WhatIf] [-Confirm]
[<CommonParameters>]
Query the API for a count of matching events
Get-JCEventCount -Service:('all') -StartTime:((Get-date).AddDays(-30))
Pull all event records from a specified time and count the results
Get-JCEventCount -Service:('sso') -StartTime:('2020-04-14T00:00:00Z')
Pull all SSO event records from a specified time and count the results
Get-JCEventCount -Service:('all') -StartTime:('2020-04-14T00:00:00Z') -EndTime:('2020-04-20T23:00:00Z') -SearchTermAnd @{"event_type" = "admin_login_attempt"; "resource.email" = "[email protected]"}
Get all events counts between a date range and match event_type = admin_login_attempt and resource.email = [email protected]
Get-JCEventCount -Service:('directory') -StartTime:((Get-date).AddDays(-30)) -searchTermAnd:@{"event_type" = "group_create"}
Get only group_create event counts the last thirty days
EventQuery is the users' command to search our auth logs To construct, see NOTES section for BODY properties and create a hash table.
Type: JumpCloud.SDK.DirectoryInsights.Models.IEventQuery
Parameter Sets: Get
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: True (ByValue)
Accept wildcard characters: Falseoptional query end time, UTC in RFC3339 format
Type: System.DateTime
Parameter Sets: GetExpanded
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: Falseoptional list of fields to return from query
Type: System.String[]
Parameter Sets: GetExpanded
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: Falseoptional string for specifying a full text query
Type: System.String
Parameter Sets: GetExpanded
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: FalseSpecific query to search after, see x-* response headers for next values
Type: System.String[]
Parameter Sets: GetExpanded
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: FalseTermConjunction represents a conjunction (and/or)NOTE: the validator limits what the operator can be, not the object for future-proof-ness and a list of sub-values
Type: System.Collections.Hashtable
Parameter Sets: GetExpanded
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: FalseTermConjunction represents a conjunction (and/or)NOTE: the validator limits what the operator can be, not the objectfor future-proof-nessand a list of sub-values
Type: System.Collections.Hashtable
Parameter Sets: GetExpanded
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: FalseTermConjunction represents a conjunction (and/or)NOTE: the validator limits what the operator can be, not the object for future-proof-ness and a list of sub-values
Type: System.Collections.Hashtable
Parameter Sets: GetExpanded
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: Falseservice name to query. Known services: systems,radius,sso,directory,ldap,all
Type: System.String[]
Parameter Sets: GetExpanded
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: FalseASC or DESC order for timestamp
Type: System.String
Parameter Sets: GetExpanded
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: Falsequery start time, UTC in RFC3339 format
Type: System.DateTime
Parameter Sets: GetExpanded
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: FalsePrompts you for confirmation before running the cmdlet.
Type: System.Management.Automation.SwitchParameter
Parameter Sets: (All)
Aliases: cf
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: FalseShows what would happen if the cmdlet runs. The cmdlet is not run.
Type: System.Management.Automation.SwitchParameter
Parameter Sets: (All)
Aliases: wi
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: FalseThis cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
COMPLEX PARAMETER PROPERTIES
To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables.
BODY <IEventQuery>: EventQuery is the users' command to search our auth logs Service <String[]>: service name to query. Known services: systems,radius,sso,directory,ldap,all StartTime <DateTime>: query start time, UTC in RFC3339 format [EndTime <DateTime?>]: optional query end time, UTC in RFC3339 format [Fields <String[]>]: optional list of fields to return from query [Limit <Int64?>]: Max number of rows to return [SearchAfter <String[]>]: Specific query to search after, see x-* response headers for next values [SearchTermAnd <ISearchTermAnd>]: list of event terms. If all terms match the event will be returned by the service. [(Any) <Object>]: This indicates any property can be added to this object. [SearchTermOr <ISearchTermOr>]: list of event terms. If any term matches, the event will be returned by the service. [(Any) <Object>]: This indicates any property can be added to this object. [Sort <String>]: ASC or DESC order for timestamp
- Wiki Home
- Installing the JumpCloud PowerShell module
- Using the JumpCloud PowerShell Module
- Using the JumpCloud PowerShell Module with AWS Lambda
- PowerShell Commands Example Library
- JumpCloud Commands Gallery
- JumpCloud PowerShell YouTube Channel
- The JumpCloud Dashboard PowerShell Module
Authentication
Import and Backup
- Get JCAssociation
- New JCImportTemplate
- New JCDeviceUpdateTemplate
- Import JCUsersFromCSV
- Update JCUsersFromCSV
- Update JCDeviceFromCSV
- Get JCBackup
- Send JCPasswordReset
- Backup JCOrganization
RADIUS Reply Attributes
- Add JCRadiusReplyAttribute
- Get JCRadiusReplyAttribute
- Update JCUsersFromCSV
- Set JCRadiusReplyAttribute
- Remove JCRadiusReplyAttribute
User Functions
Administrator Functions
System Functions
- Get JCSystem
- Get JCSystemApp
- Get JCSystemKB
- Set JCSystem
- Remove JCSystem
- Get JCSystemUser
- Set JCSystemUser
- Add JCSystemUser
- Remove JCSystemUser
Command Functions
- New JCCommand
- Get JCCommand
- Import JCCommand
- Remove JCCommand
- Set JCCommand
- Invoke JCCommand
- New JCDeploymentTemplate
- Invoke JCDeployment
- Get JCCommandResult
- Remove JCCommandResult
- Get JCCommandTarget
- Add JCCommandTarget
- Remove JCCommandTarget
Group Functions
- Get JCGroup
- New JCUserGroup
- Remove JCUserGroup
- Get JCUserGroupMember
- Add JCUserGroupMember
- Remove JCUserGroupMember
- New JCSystemGroup
- Remove JCSystemGroup
- Get JCSystemGroupMember
- Add JCSystemGroupMember
- Remove JCSystemGroupMember
- Set-JCUserGroupLDAP
Policy Functions
- Get JCPolicy
- Get JCPolicyResult
- Get JCPolicyTargetSystem
- Get JCPolicyTargetGroup
- New JCPolicy
- Set JCPolicy
Event Functions
Report Functions